Hello I suggest blocking all websites on the internet from accessing local resources (localhost/router IP) to prevent the easy exploitation of security vulnerabilitys.
There are many software packages which are running a web server on localhost and if they are not secure they can be attacked from any website. The last bigger issue of this kinde is "logitech Options"
https://bugs.chromium.org/p/project-zero/issues/detail?id=1663
I use Dynamic filtering for some time to block all addresses relevant in my network:
* 127.0.0.1 * block
127.0.0.1 127.0.0.1 * allow
* localhost * block
localhost localhost * allow
* 192.168.0.1 * block
192.168.0.1 192.168.0.1 * allow
* speedport.ip * block
speedport.ip speedport.ip * allow
* 192.168.0.10 * block
192.168.0.10 192.168.0.10 * allow
.....
So I prevent other sites from interactions with servers which are running on my system or my router.
But there are some "legitimate" sites which are using access to a local server e.g. Intel Driver update:
https://www.intel.de/content/www/de/de/support/intel-driver-support-assistant.html
So Dynamic filtering is not the best for a general solution.
So a filter list with the possibility of overwriting some site would be better solution.
I don't know the syntax for filter lists sorry therefore no finished list.
I would suggest blocking external access to Private IP addresses and known router host names:
127.0.0.0/8
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
router host names (which work even if the user changes the router IP)
speedport.ip, congstar.box, fritz.box, routerlogin.com, routerlogin.net, samsung.router, easy.box, arcor.easybox
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4